Another Day, Another N00b

During the day of a virus analyst, it so happens that when you do encounter a poorly written piece of malware, you don’t know whether to:

a. shake your head
b. laugh or
c. cry.

Take for instance, this little wannabe malware author who wrote Troj/Agent-GQO. When the Trojan is run, the following message box is displayed which purports to be stealing money from the infected machine.


In reality, all the Trojan does is attempt to contact a remote website (and it doesn’t hide the fact that it is trying to access the website). Despite its “terrifying” message, Troj/Agent-GQO does not perform any activities directly related to information gathering or information stealing.

To add further insults to the user, the Trojan creates a Text file on the Windows Desktop (aptly titled “OWNED BY EVIL KIDD!!!”), which when opened, reveals more immature rants.


In this case, I am tempted to go with option b. Laughter, they say after all, is the best medicine.